@JoshData or someone working on the code would have to explain but to me the better question is this:
Why does Laravel not support STARTTLS?
From: SSL vs TLS vs STARTTLS | Blog | Limilabs
STARTTLS problems
There were a few problems with this. There exists lots of software, that used the alternate port numbers with pure SSL/TLS connections. Client software can be very long lived, so you can’t just disable the encrypted ports until all software has been upgraded.
Each protocol received mechanisms to tell clients that the server supported upgrading to SSL/TLS (e.g. STARTTLS in IMAP’s CAPABILITY response), and that they should not attempt to login without doing the STARTTLS upgrade (LOGINDISABLED in IMAP’s CAPABILITY response). This created two unfortunate situations:
Some software just ignored the “login disabled until upgraded” announcement (LOGINDISABLED, STARTTLS) and just tried to log in anyway, sending the user login name and password over clear text channel. The server rejected the login and password, but the details had already been sent over the Internet in plain text.
Other software saw the “login disabled until upgraded” announcement, but then wouldn’t upgrade the connection automatically, and thus reported login errors back to the user, which caused confusion about what was wrong.Both of these problems resulted in significant compatibility issues with existing clients, and so most system administrators continued to just use plain text connections on one port, and encrypted connections on a separate port number.
I am theorizing that one or the other of the bolded things are happening with Laravel.
I’d be happy to walk you through it on Slack. The instructions I recommend vary slightly from what is published in the advanced guide.
Both questions that someone on the development team would have to answer. I know I suggested on Slack to ask here - but this question delves into developer territory and may be better addressed on GitHub.